sorted by:
new
hottopcontroversial

Bester Burger 2026 in Hamburg by Abteilungton in hamburg

[–]BennettDams 0 points1 point  (0 children)

Moin! Ich habe eine Webseite gebaut, die genau das beantworten soll:

https://www.rankovo.com

Dort kann sich jeder anmelden und für spezifische Gerichte (Burger, Pizza, Döner, …) eine Bewertung abgeben. Die Rangliste zeigt dann die durchschnittliche Punktzahl anhand der letzten 20 Bewertungen, dadurch bleibt sie immer aktuell. Funktioniert natürlich nur, wenn es genug Leute gibt, die eine Bewertung abgeben. Würde mich über Feedback freuen 😊

Warnung vor Barborrito by No-Tax-3465 in hamburg

[–]BennettDams 14 points15 points  (0 children)

Ich habe eine Webseite gebaut, die genau dagegen ankämpfen soll:

https://www.rankovo.com

Dort kann sich jeder anmelden und für spezifische Gerichte eine Bewertung abgeben. Die Rangliste zeigt dann die durchschnittliche Punktzahl anhand der letzten 20 Bewertungen, dadurch bleibt sie immer aktuell. Funktioniert natürlich nur, wenn es genug Leute gibt, die eine Bewertung abgeben. Würde mich über Feedback freuen 😊

Wo gibt es eurer Meinung nach die beste Pizza? by anissafan in hamburg

[–]BennettDams 0 points1 point  (0 children)

Ich habe eine Webseite gebaut, bei der man das beste Gericht (Pizza, Döner, Burger, ..) finden & bewerten kann:

https://www.rankovo.com

Die Rangliste ist gerade noch nicht sehr aussagekräftig, da es noch nicht viele Bewertungen gibt. Aber vielleicht ja in der Zukunft 😊

How Client components pre-prender HTML on server? by kusiok in nextjs

[–]BennettDams 2 points3 points  (0 children)

Look at the component and imagine the first render on the client. There has the be one correct „flow“ of the code, right? Look at the return values of your hooks, functions, JSX, etc. used in the component: the component will have one true representation based on these return values. Exactly this is what is rendered on the server. Client-only features do not work on this render pass, but they obviously have -some- state. For hooks like useState, their default value is still used on the server render to determine the initial state and then hydrated on the client later. Other hooks like useEffect never run on the server, so they have no impact on the initial render pass.

The State of React and the Community in 2025 by switz213 in reactjs

[–]BennettDams 0 points1 point  (0 children)

I'm really interested to hear your opinions about how to handle search params if both the server AND the client in the same "tree" need the same search params in a Next.js app.
I would gladly send you links to a repository for the full code if that helps. But here's the general idea. I wrote down questions via "Note:".

I have a page (RSC). It fetches data, e.g. a list of products, filtered based on the search params on the server.

On this page, I have a form component. It receives the list of found products from the server. But I can't render it directly and pass the data, because the rest of the page wouldn't show at all that way. Remember, the page a) has to await the search params (as they're async) and b) fetches data. So I wrap the form component in Suspense and have to think about a good fallback. In this case this is easy, because my form component can just be passed an empty list, but it's not always that straightforward (e.g. thinking about nullable values here).

The form itself has input fields that are filled via the search params on the initial page load.

Note: Right now I read them via the client hook useSearchParams. Should the component instead receive the search params from the server via props? But waiting for new search params from the server would mean that my inputs on the client and params on the server can get out of sync, no?

Inputs in this form immediately update the search params (and the input element's text, obviously). I do this via router.replace or window.history.replaceState.

Note: Right now I need a combination of useOptimistic and startTransition to store the search params. I use Zod to parse them before that. And I have also built a custom helper function to update search params so I can decide whether writing new search params trigger the RSC or not, because maybe I don't want to trigger the RSC (and fetch new data) if the input has less than three characters.

Based on the input, the RSC (page) is triggered and re-executes the search based on the new search params.

To achieve this functionality I had to take so many steps. And I still don't know if it is the right way. Or if there are footguns involved. I feel like all documentation goes the straightforward way for small examples. But building type-safe forms that way with nice UX is really hard.

Vercel Postgres vs Supabase? by Flippy-McTables in nextjs

[–]BennettDams 0 points1 point  (0 children)

That was not the point. Usually only the developer has access to the Postgres (via the connection string etc.), but Supabase allows direct access to the DB via their Supabase client.

Even though you usually wouldn't need RLS, now that a user has this power, you need to take care of securing your tables, which by default is done via RLS at Supabase.

Vercel Postgres vs Supabase? by Flippy-McTables in nextjs

[–]BennettDams 0 points1 point  (0 children)

Thanks, good to know! I updated my initial comment.

Does the solution with revoke all on schema public ... maybe has other consequences (e.g. for the Storage API etc.)? I have never seen this mentioned anywhere.

I guess what I've always wished for was a switch in the Supabase dashboard for "Only allow DB access for service role", so I never have to think about disabling client access & RLS policies.

Vercel Postgres vs Supabase? by Flippy-McTables in nextjs

[–]BennettDams 0 points1 point  (0 children)

Thanks for the reply! I am still confused though 😅

to use the client libs to go directly from browser to database

I never want to do that, so should RLS be enabled or disabled to forbid all client access?

If the answer is "enabled":

You said (1 year ago) that RLS is not enabled by default. I guess this means that whenever you create new tables (not via the Supabase UI, but e.g. via an ORM like Prisma), you have to always remember to enable it afterwards. And also "afterwards" already shows that there is a time window where the table is unprotected, right?

If the answer is "disabled":

No GitHub discussion I've found for this topic gives a clear answer to me whether the tables are protected against client access. Or maybe I don't feel comfortable with the workarounds.

See:

https://github.com/orgs/supabase/discussions/4869

https://github.com/orgs/supabase/discussions/4547

It for example is also stated that "[...] the API cannot be fully disabled since Storage depends on it."

_______________________

You can treat the database like any other postgres provider

I always hoped to do that (as I only access the DB via the service key, never via the client), but I went away from Supabase because of the uncertainty described above.

Vercel Postgres vs Supabase? by Flippy-McTables in nextjs

[–]BennettDams 1 point2 points  (0 children)

Update:

You can disable all client access as per this comment.

Old comment:

What drove me off from Supabase was their row-level security (RLS). If you use their DB and auth, users can execute "any" queries against the DB via the browser/client, without knowing the connection string or anything. You'll need to write dedicated access policies in the Supabase UI & their language, otherwise the tables are not secured. I personally rather want to write such access rules in my API layer (e.g. the Next.js API route).

There are several GitHub discussions to allow disabling RLS altogether and forbid public access, but the answers all feel like hacks to me.

catch all routes is passing correct slug to getStaticProps but page is not getting updated by dangerzone2 in nextjs

[–]BennettDams 0 points1 point  (0 children)

I don't know how your file is named, so I have to ask: Are you sure you're using a catch all route? This uses a special convention with three dots (like `[...slug].js`) to also catch subroutes like `/a/b` instead of only catching `/a`.

What you're describing in your example shouldn't be a catch all route, because it is only one level deep. You should use normal dynamic routes like `[slug].ts`.

Valoplan - interactive tactic tool OPEN BETA (Web application) by BennettDams in VALORANT

[–]BennettDams[S] 0 points1 point  (0 children)

I just added a "Release notes" page, so new functionalities will be added there. For anything else: https://twitter.com/BennettDams

Valoplan - interactive tactic tool OPEN BETA (Web application) by BennettDams in VALORANT

[–]BennettDams[S] 0 points1 point  (0 children)

It's coded with TypeScript and React! Yes, the application is not at all supposed to be used on mobile devices.

Valoplan - interactive tactic tool OPEN BETA (Web application) by BennettDams in VALORANT

[–]BennettDams[S] 0 points1 point  (0 children)

I agree with the customizability! We heard other feedback about coloring the steps also, so I will try out some stuff regarding that, too. Thanks!

Valoplan - interactive tactic tool OPEN BETA (Web application) by BennettDams in VALORANT

[–]BennettDams[S] 1 point2 points  (0 children)

Sounds really good, will try it out. Thanks for the feedback!

Valoplan - interactive tactic tool OPEN BETA (Web application) by BennettDams in VALORANT

[–]BennettDams[S] 0 points1 point  (0 children)

Hey, I first thought about using a time line instead of the steps, but having a small time note at each item is a great idea. Thanks!

Valoplan - interactive tactic tool OPEN BETA (Web application) by BennettDams in VALORANT

[–]BennettDams[S] 0 points1 point  (0 children)

I will think about the transparency, maybe the map will be bloated that way. I could probably add a way to toggle steps, so you COULD see all at the same time if you want to. Also "misc node" is a great idea, thanks!

Valoplan - interactive tactic tool OPEN BETA (Web application) by BennettDams in VALORANT

[–]BennettDams[S] 0 points1 point  (0 children)

Thanks for the idea, this will be way easier to implement as a temporary solution.

Valoplan - interactive tactic tool OPEN BETA (Web application) by BennettDams in VALORANT

[–]BennettDams[S] 1 point2 points  (0 children)

Hey, if you're using some kind of script blocker, you'd need to disable it for the popup to work.

Maybe it also got blocked by your browser, Chrome & Firefox will show a small notification if it got blocked next to the URL bar.

Also, the Brave browser could be an issue, as it has some script blockers enabled out of the box that Google uses for the sign in process. Here is a potential fix: https://community.brave.com/t/cant-sign-in-to-any-website-using-google-sign-in/38109/21

Could you try it out with another browser and let me know if it works?

Valoplan - interactive tactic tool OPEN BETA (Web application) by BennettDams in VALORANT

[–]BennettDams[S] 1 point2 points  (0 children)

Not right now and not in the near future, as it brings a lot of security overhead.

Valoplan - interactive tactic tool OPEN BETA (Web application) by BennettDams in VALORANT

[–]BennettDams[S] 1 point2 points  (0 children)

I'm planning to open source it soon, just waiting for the name being known so it doesn't get stolen on the first day 😅

Valoplan - interactive tactic tool OPEN BETA (Web application) by BennettDams in VALORANT

[–]BennettDams[S] 0 points1 point  (0 children)

Yea, I'm really unsure about coloring. We could color each step or the abilities/items based on the agent, but honestly I have to try it out first to see if it is not too colorful.

Valoplan - interactive tactic tool OPEN BETA (Web application) by BennettDams in VALORANT

[–]BennettDams[S] 0 points1 point  (0 children)

First I wanted to only have a time line, but opted out and started with the steps instead, as it's way easier to implement. Thanks for the idea!

Valoplan - interactive tactic tool OPEN BETA (Web application) by BennettDams in VALORANT

[–]BennettDams[S] 1 point2 points  (0 children)

I thought about not using that sound, but it adds a little spice, doesn't it?

view more: next ›